Chinese Hackers Hacked US Defense Contractors 20 Times In Just One Year

The Senate Armed Services Committee released a new report on Wednesday alleging Chinese hackers linked to the Chinese government “successfully penetrated the computers of U.S. defense contractors working with the government agency responsible for the transportation of military troops and goods across the globe at least 20 times in a single year.”

The Senate Armed Services Committee has been investigating this issue from the last year and found that the U.S. Military’s Transportation Command (TRANSCOM) has been infiltrated by Chinese hackers at least 20 times in a year, out of which only two were detected.

According to the report, The Senate Armed Services Committee investigators found roughly 50 intrusions in the network of US contractors working with US Transportation Command from which at least 20 intrusions were successful, the investigating committee said, and were attributed to “sophisticated threats commonly associated with governments.” Of those 20 intrusions, TRANSCOM was reportedly only aware of two.

The investigation was conducted in the 12 months period from June 2012 to June 2013 based on information provided by the Federal Bureau of Investigations (FBI), Defense Security Services (DoD), Defense Cyber Crime Centre, and the US Air Force and 11 contractors.

The details of allegations on China were made public by the The Senate Armed Services committee on Wednesday in a press release titled, SASC investigation finds Chinese intrusions into key defense contractors. The committee also found dramatic gaps in reporting requirements and a lack of information sharing among U.S. government entities.

This poor coordination between the contractors and U.S. agencies left the U.S. military’s TRANSCOM virtually in dark about the computer compromises of its contractors that, according to committee, are key to the mobilization and deployment of U.S. military forces. It further criticized the reporting structure and said the FBI and Department of Defence (DoD) knew about the intrusions but did not tell the Pentagon of nine separate intrusions of TRANSCOM contractors and other agencies within the Department.

Here are some of the specific incidents described in the report:

A Chinese military intrusion into a TRANSCOM contractor between 2008 and 2010 that compromised emails, documents, user passwords and computer code.

A 2010 intrusion by the Chinese military into the network of a CRAF contractor in which documents, flight details, credentials and passwords for encrypted email were stolen.

A 2012 Chinese military intrusion into multiple systems onboard a commercial ship contracted by TRANSCOM.

“These peacetime intrusions into the networks of key defense contractors are more evidence of China’s aggressive actions in cyberspace,” said Sen. Carl Levin, D-Mich., the committee’s chairman. “Our findings are a warning that we must do much more to protect strategically significant systems from attack and to share information about intrusions when they do occur.”

The Senate Armed Services committee investigation focused on the U.S. military’s ability to tap into civilian air, shipping and other transportation assets to rapidly deployments of U.S. forces in times of crisis. The committee’s top Republican, Jim Inhofe, demanded a “central clearinghouse” that makes it easy for critical contractors, particularly small businesses, to report suspicious cyber activity “without adding a burden to their mission support operations.”

The committee upgraded its version of the National Defense Authorisation Act for Fiscal Year 2015 to direct the Secretary of Defense to tighten up the reporting gaps and improve the way in which the Department disseminates inform about cyber intrusions into the computer networks of operationally critical contractors.